package www.authority.config.interceptor;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.subject.Subject;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
import www.authority.config.token.CheckToken;
import www.authority.config.token.JwtToken;
import www.authority.config.token.LoginToken;
import www.authority.entity.SysUserEntity;
import www.authority.util.ShiroUtils;
import www.common.util.StringUtils;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.lang.reflect.Method;

/** 
* @Description: 登录拦截器
* @Param:  
* @return:  
* @Author: Mr.Yan 
* @Date: 2018/12/11 
*/

public class SecurityInterceptor extends HandlerInterceptorAdapter {
    // 登录地址
    @Value("${shiro.user.loginUrl}")
    private String loginUrl;

    @Value("${shiro.user.unRegisterUrl}")
    private String unRegisterUrl;
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object object)
            throws Exception {
        // 如果不是映射到方法直接通过
        if (!(object instanceof HandlerMethod)) {
            response.sendRedirect(loginUrl);
            return false;
        }
        System.out.println("输出结果:————————————————————————" + ""+request.getRequestURL());
       // RegisterKey registerKey = new RegisterKey();
       // boolean register = registerKey.isRegister();
        boolean register = true;
        if (!register){
            // 跳转登录
            String url = "/unRegister";
            response.sendRedirect(url);
            return false;
        }
        // 验证有没有用户
        SysUserEntity subjectUser = ShiroUtils.getSubjectUser();
        if(StringUtils.isNotNull(subjectUser)){
            return true;
        }else{
            // 接口方式
            // 从 http 请求头中取出 token
            String token = request.getHeader("token");
            HandlerMethod handlerMethod = (HandlerMethod) object;
            Method method = handlerMethod.getMethod();
            //检查是否有LoginToken注释，有则跳过认证
            if (method.isAnnotationPresent(LoginToken.class)) {
                LoginToken loginToken = method.getAnnotation(LoginToken.class);
                if (loginToken.required()) {
                    return true;
                }
            }

            //检查有没有需要验证token权限的注解
            if (method.isAnnotationPresent(CheckToken.class)) {
                CheckToken checkToken = method.getAnnotation(CheckToken.class);
                if (checkToken.required()) {
                    // 执行认证
                    if (token == null) {
                        response.sendRedirect(loginUrl);
                        System.out.println("输出结果:————————————————————————" + "无token，请重新登录");
                        return false;
                    }
                    JwtToken jwtToken = new JwtToken(token);
                    Subject subject = SecurityUtils.getSubject();
                    subject.login(jwtToken);
                    return true;
                }
            }
        }
        response.sendRedirect(loginUrl);
        return false;
    }
}
